Can I NAT prior to VPN Tunnel?

Answered Question
Jun 30th, 2008

Hi,

I would like to add servers to a site to site ipsec tunnel configuration for transport.

However, I will need to NAT those machines for presentation at the other side.

For a Cisco 1760 (vpn endpoint) running on 12.3 code, is this possible?

If it is possible, could I get a link to a config? Or perhaps a snippet here?

We are using two ethernet interfaces for this:

ethernet1/0 is the inside

ethernet0/0 is the outside

Can't seem to find any documentation for it.

Thanks,

Paul

I have this problem too.
0 votes
Correct Answer by Farrukh Haroon about 8 years 5 months ago

This is the 'NAT Order of Operation' employed by Cisco devices, It seems NAT is before the crypto check anyway

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

Regards

Farrukh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.

Actions

This Discussion